Page 1 of 1

Best method to return user after they login.

Posted: Fri Dec 04, 2009 9:33 am
by tuxiow
Hi guys,

What is the best method to return a user to the page they where on after they have logged in?

Thanks all.

Regards Paul

Re: Best method to return user after they login.

Posted: Fri Dec 04, 2009 10:35 am
by AbraCadaver
Well, you can try redirecting back to $_SERVER['HTTP_REFERER'] but that isn't always set. So on each page in your site (except the login page) you can set a session var for the current page. Then on the login page you have that var that was set on the previous page.

-Shawn

Re: Best method to return user after they login.

Posted: Fri Dec 04, 2009 3:53 pm
by pickle
That only works if cookies & sessions are being used. I've seen some login pages that have "&return=/page/from/whence/the/user/came" in the URL. The login page can then read that from $_GET & redirect the user back.

Re: Best method to return user after they login.

Posted: Fri Dec 04, 2009 4:15 pm
by AbraCadaver
pickle wrote:That only works if cookies & sessions are being used. I've seen some login pages that have "&return=/page/from/whence/the/user/came" in the URL. The login page can then read that from $_GET & redirect the user back.
Good luck logging people in and maintaining some sort of state to tell if people are logged in or not without using sessions :-) You can use sessions without cookies, but you can't "log someone in" and keep their "logged in" state securely without using sessions.

Well, I guess you could append their username or id and a strong hash of their password (assuming the same hash is stored in the DB or whatever) to every link and form action, etc...on every page in your site/app after they log in, but that would be ridiculous!

Re: Best method to return user after they login.

Posted: Mon Dec 07, 2009 3:21 pm
by tuxiow
Thanks for the advice guys. This is what I have come up with.

I have used this little function I found after some googling.

Code: Select all

<?php 
 
function curPageURL() { 
 $pageURL = 'http'; 
 if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";} 
 $pageURL .= "://"; 
 if ($_SERVER["SERVER_PORT"] != "80") { 
  $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"]; 
 } else { 
  $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]; 
 } 
 return $pageURL; 
} 
 
?>
I saved it as getURL.php and included it in my page...

Code: Select all

include("getURL.php");
I then declared a variable from the function and then set it as a session so it can be picked back up as required.....

Code: Select all

session_start(); 
 
$returnURL                =    curPageURL(); 
$_SESSION['returnURL']    =    $returnURL;
Do you think this is okay or is there a better way.

Regards, Paul